Manualshelf

Specifications

ManualsBrandsYeastar Technology ManualsBusiness equipmentMyPBX Standard
191192193194195196197198199200
MyPBX Standard Administrator Guide
191/219
When using MyPBX as a TLS client, specify the protocol for outbound TLS
connections. You can select it as tlsv1, sslv2 or sslv3.
Figure J-2
Note:
1. For security reason, we recommend enabling “TLS Verify Client” and
disabling “TLS Ignore Common Name”, in which case, MyPBX will verify IP
phone’s Certificate, the common name inside CA should be the same as its IP
or domain name.
2. TLS Client Method: it’s the TLS method of IP phone; you can contact the
manufacturer of the IP phone to get that.
3. You need to reboot MyPBX to take effect after enabling TLS.
2. Prepare the whole certificates for TLS
Here are the certificates of MyPBX and IP phones for TLS registry as the screen
shot above:
MyPBX’s CA: CA.crt.
MyPBX’s server certificate: asterisk.pem.
IP phone’s CA: CA.crt or CA.csr.
IP phone’s server certificate: client.pem.
The certificate is generated via the toolkit OpenSSL, you can compile the source
package from http://www.openssl.org/
, or download the tool used here,
download link:
www.yeastar.com/download/tools/TLS_CA_Tool.rar
You can find the files inside the package like these: